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What is claimed is. 



1 1. A content and application delivery system comprising: 

2 an origin web site having an origin web server, said origin web server 

3 having a first memory for storing a first version of a web content; 

4 an edge server communicating via a data network with said origin web 

5 server and a policy control server; 

6 said edge server having a second memory for storxng a second versxon of 

7 said web content and deriving said second version from said origin web 

8 server according to directives of a service policy that resides at said pol- 

9 icy control server, said edge server downloading said directives of said 

10 service policy from said policy control server via said data network; 

11 wherein a request of a user directed to said origin web site for a re- 

12 source from said web content is redirected to said edge server, and respon- 

13 sive to said request a third version of said web content is provided to the 

14 user from said edge server, said third version being derived from said sec- 

15 ond version in accordance with said directives of said service policy. 

1 2. The system according to claim 1, wherein said policy control server 

2 is said origin web server. 

1 3. The system according to claim 1, wherein said directives of service 

2 policy are specified using an XML based language. 

1 4. The system according to claim 3, wherein said directives of said 

2 service policy include a description of resources of said origin web site. 

1 5.. The system of claim 4 wherein said description of resources is 

2 specified using a resource definition framework, said resource definition 

3 framework having extensions comprising protocol, type, size, encoding con- 

4 vention, creation time, expiration time, keyword, target groups, an alter- 

5 nate URL for fetching said resources, and a location of a code for creating 

6 a dynamic resource; 

7 wherein said description of resources includes at least one of said ex- 

8 tensions . 

1 6. The system according to claim 4 wherein said directives of said 

2 service policy include a description of users at a target site. 
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1 7. The system of claim 1 wherein communication between said edge server 

2 and at least one of said policy control server and said origin web server is 

3 effected using an http protocol or an https protocol. 

1 8. The system of claim 1, wherein said origin web site comprises a plu- 

2 rality of origin web sites, and said first version is distributed in said 

3 plurality of origin web sites, defining thereby a distributed first version, 

4 said second version being derived from said distributed first version. 

1 9. The system of claim 1 wherein said policy control server comprises a 

2 plurality of web servers. 

1 10. The system of claim 9, wherein said web servers are said origin web 

2 server, said edge server and a server located at a third party site. 

1 11. The system of claim 1, wherein said directives comprise a descrip- 

2 tion of an edge server group associated with said origin web site. 

1 12. The system of claim 11, wherein said description of an edge server 

2 group includes information concerning at least one of an organization type, 

3 geographical region, language, business relation to said origin web site, 

4 edge server hardware capabilities, edge server software capabilities, edge 

5 server security specifications, internet location and internet connection 

6 speed of members of said edge server group. 

1 13. The system of claim 1, wherein said second version is derived from 

2 said first version by the steps of: 

3 selecting resources from said first version according to predetermined 

4 criteria comprising at least one of a resource URL, time of resource genera- 

5 tion, length, keyword list, target groups, data format, and key; 

6 transforming a selected resource in said second memory responsive to 

7 said directives, wherein said directives comprise a description of an edge 

8 server group associated with said origin web site to define a transformed 

9 selected resource; and 

10 storing said transformed selected resource in said second memory. 



1 
2 



14. The system according to claim 13, wherein said second memory com- 
prises a cache memory. 
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1 15. The system according to claim 13, wherein said predetermined crite- 

2 ria comprise a presence of updated resources in said first version that are 

3 absent in said second version. 

1 16. The system according to claim 1, wherein said service policy dif- 

2 ferentiates a resource of said first version from a resource of said second 

3 version according to an attribute of said edge server and an attribute of at 

4 least; one of said first resource and said second resource. 

1 17. The system according to claim 16, wherein said attribute comprises 

2 at least one of a caching priority, caching validation, a caching invalida- 

3 tion, preposition at a predetermined time and preposition upon an occurrence 

4 of a predetermined event. 

1 18. The system according to claim 1, wherein said service policy dif- 

2 ferentiates a resource of said second version from a resource in said third 

3 version according to at least one of attribute of the user, attribute of the 
A edge server, request time and attribute of the resource. 

1 19. The system according to claim 1, wherein one of said directives of 

2 said service policy instructs said edge server to redirect said request of 

3 said user to another web resource. 

1 20. The system according to claim 19, wherein said another web resource 

2 is located at said origin web site. 

1 21. The system according to claim 19, wherein said another web resource 

2 is external to said origin web site. 

1 22. The system according to claim 19, wherein said request is redi- 

2 rected by sending an http redirect instruction from said edge server to said 

3 user. 

1 23. The system according to claim 19, wherein said request is redi- 

2 rected to another resource by said edge server by modifying a URL portion of 

3 said request and loading the resource from the origin site. 

1 24. The system according to claim 19, wherein said request is redi- 

2 rected according to an attribute of the user. 
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25. The system according to claim 1, wherein at least two of said first 
version, said second version, and said third version are identical. 

26. The system according to claim 1, wherein a group of resources of 
said first version is stored in a compressed form, and a corresponding group 
of resources of said second version is uncompressed by said edge server ac- 
cording to said directives. 

27. The system according to claim 26, wherein said group of resources 
of said first version is stored in a packed form, and said corresponding 
group of resources of said second version is unpacked by said edge server 
according to said directives. 

28. The system according to claim 1, wherein a resource of said first 
version is in an encrypted form, and a corresponding resource of said second 
version is decrypted by said edge server according to said directives. 

29. The system according to claim 1, wherein a resource of said first 
version is communicated by a first protocol to form a resource of said sec- 
ond version, wherein said resource of said second version is communicated by 
a second protocol to form a resource of said third version. 

30. The system according to claim 29, wherein said first protocol is 
file transfer protocol and said second protocol is http. 

31. The system according to claim 29, wherein said first protocol is 
identical to said second protocol, wherein parameters of said first protocol 
differ from parameters of said second protocol. 

32. The system according to claim 1, wherein said resource has an ac- 
tion defined therein, and said edge server performs said action. 

33. The system according to claim 32, wherein said action comprises 
execution of an application. 

34. The system according to claim 33, wherein said application is a web 
form processing application; 
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wherein in a first step said edge server communicates a form to be com- 
pleted by the user; and 

in a second step parameters of said form are transmitted from the user 
to said edge server. 

35. The system according to claim 33, wherein said application is a 
user password processing application; 

wherein in a first step said edge server triggers a password template 
to be filled by the user; and 

in a second step form parameters of said password template are trans- 
mitted from the user to said edge server. 

36. The system according to claim 33, wherein instructions of said ap- 
plication cause said edge server to identify an attribute of said user that 
is included in said request and to return resources in said second memory of 
said edge server that are associated with a URL of said request and said at- 
tribute of said user. 

37. The system according to claim 36, wherein said attribute is identi- 
fied in a request header having a cookie, and said resources are defined in 
said directives of said service policy, wherein said directives are stored 
in said edge server. 

38. The system according to claim 33, wherein said application is a 
user password processing application; 

wherein said edge server forwards said request to said origin web 
server and delivers a user name and a user password to said origin web 
server;' 

wherein responsive to said user name and said user password said re- 
source is transmitted by said origin web server to said edge server. 

39. The system according to claim 38, wherein said resource is held in 
a cache by said edge server. 



40. The system according to claim 33, wherein said application is a web 
common gateway interface extension or a Java servlet. 
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1 41. The system according to claim 1 wherein the user is a member of a 

2 group, and responsive to said request said edge server authenticates a mem- 

3 bership of the user in said group. 

1 42. The system according to claim 1, wherein said edge server is in 

2 communication with an external web server via said data network, and a por- 

3 tion of said second version is obtained from said external web server ac- 

4 cording to said service policy. 

1 43. The system according to claim 1, wherein said resource is received 

2 by said edge server from said origin web server and stored therein, wherein 

3 said resource is modified prior to being stored in said edge server respon- 

4 sive to attributes of said edge server, said user, and said resource that 

5 are specified in said directives of said service policy. 

1 44. The system according to claim 43, wherein said resource is modified 

2 by replacement thereof with a second resource that is local to said edge 

3 server . 

1 45. The system according to claim 43, wherein said resource is modified 

2 by combination thereof with a second resource that is local to said edge 

3 server. 

1 46. The system according to claim 43, wherein said resource is a web 

2 page that is modified by an operation consisting of at least one of frame 

3 insertion, textual or graphic insertion, html code insertion, link modifica- 

4 tion, embedded object modification, and adaptation of said web page to re- 

5 quirements of a browser. 
6 

1 47. The system according to claim 46, wherein a first URL in an embed- 

2 ded link of said web page is modified to define a second URL having a domain 

3 name value such that a routing of said request using said second URL is di- 

4 rected to said edge server. 

1 48. The system according to claim 1, wherein said request is modified 

2 according to edge server, user and resource attributes that are specified in 

3 said directives. 
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1 49. The system according to claim 48, wherein said request is modified 

2 by an operation consisting of at least one of an addition of user informa- 

3 tion to an http header of said request, adding a cookie to said request, 

4 modifying a URL of said request, modifying form content of said URL, modify- 

5 ing a body of said request, and adding password information to said URL. 

1 50. The system according to claim 48 wherein said resource comprises a 

2 first URL, and said request is modified by an operation comprising modifying 

3 said first URL to define a second URL having a domain name value such that a 

4 routing of said request using said second URL omits said edge server. 

1 51. The system according to claim 48, wherein said resource comprises a 

2 first URL, wherein in a first operation said first URL is modified to define 

3 a second URL having a domain name value such that a routing of said request 

4 using said second URL is directed to said edge server, and in a second op- 

5 eration said second URL is modified to define a third URL having a domain 

6 name value such that a routing of said request using said third URL omits 

7 said edge server. 

1 52. The system according to claim 1 further comprising a DNS system as- 

2 sociated with said data network, and said request is redirected by said DNS 

3 system; 

4 wherein said DNS system resolves a domain name that is included in 

5 said request for said resource, and said DNS system provides the user with 

6 an address of one of said origin web server, another web server that can 

7 serve the resource and said edge server. 

1 53: The system according to claim 52, wherein said service policy dif- 

2 ferentiates said first version from said second version according to at 

3 least one attribute of the user, attribute of the edge server, request time 

4 and attribute of the resource. 

1 54. The system according to claim 52, wherein said service policy dif- 

2 ferentiates said second version from said third version according to at 

3 least one of an attribute of said user, an attribute of said edge server, a 

4 request time and an attribute of the resource. 

1 55. The system according to claim 52, wherein at least two of said 

2 first version, said second version, and said third version are identical. 
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1 56. The system according to claim 52, wherein said first version is 

2 stored in a compressed form, and said second version is uncompressed by said 

3 edge server. 

1 57. The system according to claim 52, wherein said resource has an ac- 

2 tion defined therein, and said edge server performs said action. 

1 58. The system according to claim 57, wherein said action comprises 

2 execution of an application. 

1 59. The system according to claim 52, wherein the user is a member of a 

2 group, and responsive to said request said edge server authenticates a mem- 

3 bership of the user in said group. 

1 60. The system according to claim 52, wherein said edge server is in 

2 communication with an external origin server via said data network, and a 

3 portion of said second version is obtained from said external origin server 

4 according to said service policy. 

1 61. The system according to claim 52, wherein said second version is 

2 obtained by said edge server from said origin web server according to a 

3 modification of a URL, said modification designating a portion of said first 

4 version in said origin web server. 

1 62. A computer implemented method of electronic commerce, comprising 

2 the steps of: 

3 storing a first version of web content in a first server; 

4 implementing a service policy as control instructions that reside in 

5 said first server; 

6 transmitting said control instructions from said first server to a sec- 

7 ond server, wherein said control instructions reside in said first server; 

8 responsive to said control instructions, storing a second version of 

9 said web content in said second server; 

10 redirecting a first request of a first user directed to said first 

11 server for a first resource of said web content to said second server; 

12 providing said first user with a third version of said web content from 

13 said second server; 



38091 



Ver. 38091S9.doc 



107 



14 redirecting a second request of a second user directed to said first 

15 server for a second resource of said web content to said second server in 

16 accordance with said control instructions; 

17 providing said second user with a fourth version of said web content 

18 from said second server in accordance with said control instructions; and 

19 associating said first user with said second user via a communication 

20 path extending through said second server. 

1 63. The method according to claim 62, wherein said third version and 

2 said fourth version are identical. 

1 64. The system according to claim 62, further comprising the step of 

2 differentiating said first version from said second version according to an 

3 attribute of said second server. 

1 65. The system according to claim 62, further comprising the step of 

2 differentiating said second version from said third version according to a 
3- criterion consisting of at least one of an attribute of said user, an at- 

4 tribute of an edge server, a request time and an attribute of the resource. 

1 66. The system according to claim 62, further comprising the steps of: 

2 compressing said first version, 

3 downloading said first version from said first server to said second 

4 server; 

5 uncompressing said first version in said second server; and 

6 deriving said second version from said first version in said second 

7 server. 

1 67. The system according to claim 62, wherein said first resource per- 

2 forms an action defined therein, said action comprising the step of execut- 

3 ing of an application. 

1 68. The system according to claim 67, wherein said step of executing an 

2 application comprises: 

3 communicating a form to be completed by said first user; and 

4 accepting parameters of said form from said first user. 

1 69. The system according to claim 67, wherein said step of executing an 

2 application -comprises : 
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3 triggering a password template to be filled by said first user; and 

4 accepting parameters of said password template from said first user. 

1 7 0. A domain name system, comprising: 

2 a regional DNS server that is non-authoritative for an external domain 

3 name zone; 

4 a root DNS server; and 

5 an authoritative DNS server for said external domain name zone, said 

6 regional DNS server, said root DNS server, and said authoritative DNS server 

7 being linked via a data network; 

8 wherein in response to a DNS address resolution request for a name 

9 within said external domain name zone received from a client, said regional 

10 DNS server effects a first resolution of said DNS address resolution request 

11 into a first network address and communicates said first network address 

12 to said client, said first network address being different from a second 

13 network address that is configured in said authoritative DNS server, wherein 

14 said second network address comprises a second resolution of said DNS ad- 

15 dress resolution request: in said external domain name zone. 

1 71. The domain name system according to claim 70, wherein said first 

2 resolution effected by said regional DNS server is controlled by a policy 

3 control server that is linked to said data network. 

1 72. The domain name system according to claim 70, further comprising an 

2 Edge DNS server linked to said data network. 

1 73. The domain name system according to claim 72, wherein said regional 

2 DNS server conducts a zone forwarding procedure to said Edge DNS server for 

3 a domain name corresponding to said first resolution. 

1 74. The domain name system according to claim 73, wherein said first 

2 resolution effected by said regional DNS server is controlled by a policy 

3 control server that is linked to said data network. 

1 75. The domain name system according to claim 73, wherein responsive to 

2 said zone forwarding procedure said Edge DNS server returns said first 

3 resolution of said DNS address resolution request to said regional DNS 

4 server. 
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1 76. The domain name system according to claim 72, wherein said first 

2 network address is registered in said Edge DNS server in response to a DNS 

3 cache registration operation. 

1 77. The domain name system according to claim 72, wherein a resolution 

2 table of said Edge DNS server is automatically derived from said regional 

3 non-authoritative DNS server responsive to a directive of said policy con- 

4 trol server. 

1 78. The domain name system according to claim 72, wherein said Edge DNS 

2 server comprises a plurality of Edge DNS servers, wherein in an event of a 

3 failure of a first one of said Edge DNS servers, a second one of said Edge 

4 DNS servers is substituted therefor. 

1 79. A method of domain name resolution, comprising the steps of: 

2 receiving a DNS address resolution request via a data network from a 

3 client for a name within an external domain name zone in a regional DNS 

4 server that is non-authoritative for said external domain name zone; 

5 obtaining a first resolution of said DNS address resolution request 

6 from an authoritative DNS server for said external domain name zone via said 

7 data network, defining a first network address, wherein said authoritative 

8 DNS server is linked to a root DNS server in said data network; 

9 effecting a second resolution of said DNS address resolution request in 

10 said regional DNS server, defining a second network address, wherein said 

11 second network address is different from said first network address; and 

12 communicating said second network address to said client via said data 

13 network. 

1 80. The method according to claim 79,- further comprising the steps of: 

2' linking a policy control server in said data network; and 

3 controlling said second resolution according to a policy of said policy 

4 control server that corresponds to said name in said external domain name 

5 zone. 

1 81. The method according to claim 80, wherein said policy control 

2 server resides in an origin server that corresponds to said name in said ex- 

3 ternal domain name zone. 
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1 82. The method according to claim 80 wherein said policy controls said 

2 second resolution by specifying a domain name according to an operational 

3 criterion of an origin server in said data network. 

1 83. A method of domain name resolution, comprising the steps of: 

2 receiving a DNS address resolution request via a data network from a 

3 client for a name within an external domain name zone in a regional DNS 

4 server that is non-authoritative for said external domain name zone, wherein 

5 an authoritative DNS server is accessible in said data network by said re- 

6 gional DNS server, and said name is resolvable in said authoritative DNS 

7 server to effect a first resolution thereof, defining a first network ad- 

8 dress, and said authoritative DNS server is linked to a root DNS server in 

9 said data network; 

10 forwarding said DNS address resolution request from said regional DNS 

11 server to an Edge DNS server via said data network; 

12 instructing an edge server in said data network to periodically write 

13 a regional domain name DNS resolution into a resolution cache of said Edge 

14 DNS server, wherein a time-to-live interval of said regional domain name DNS 

15 resolution exceeds an interval between successive performances of said step 

16 of writing; 

17 responsive to said step of periodically writing, effecting a second 

18 resolution of said DNS address resolution request in said Edge DNS server, 

19 defining therein a second network address, wherein said second network ad- 

20 dress is different from said first network address; 

21 communicating said second network address from said Edge DNS server to 

22 said regional DNS server via said data network; to define an actual network 

23 address; and 

24 communicating said actual network address from said regional DNS server 

25 to said client via said data network. 

1 84. The method according to claim 83, further comprising the steps of: 

2 in an event of failure of said edge server to perform said step of pe- 

3 riodically writing, obtaining said actual network address by querying said 

4 root DNS server to obtain said first resolution ; and 

5 storing said first resolution in said Edge DNS server, to define said 

6 actual network address therein as said first network address. 

1 85. The method according to claim 83, further comprising the steps of: 

2 linking a policy control server in said data network; and 
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3 controlling said second resolution according to a policy of said policy 

4 control server. 

1 86. The method according to claim 85 wherein said second resolution is 

2 effected by an operation consisting of at least one of providing a local 

3 edge server network address, providing an origin site network address, and 

4 altering a time to live value for a cached resolution. 

1 87. The method according to claim 85, wherein said policy control 

2 server resides in an origin server that corresponds to said name in said ex- 

3 ternal domain name zone. 

1 88. A method of domain name resolution, comprising the steps of: 

2 receiving a DNS address resolution request via a data network from a 

3 client for a name within an external domain name zone in an regional DNS 

4 server that is nonauthoritative for a region said external domain name zone; 

5 wherein said name is mapped at an authoritative DNS server to a first 

6 network address, and said regional DNS server forwards said request to an 

7 Edge DNS server that is non- authoritative for said external domain name 

8 zone, said Edge DNS server defining a second network address, wherein said 

9 second network address is different from said first network address; 

10 communicating said second network address from said Edge DNS server to 

11 said regional DNS server via said data network; and 

12 communicating said second network address from said regional DNS server 

13 to said client via said data network. 

1 89. The method according to claim 88, further comprising the steps of: 

2 linking a policy control server in said data network; and 

3 controlling said second network address according to a policy of said 

4 policy control server. 

1 90. A method of domain name resolution, comprising the steps of: 

2 using an edge server, inserting registrations into an Edge DNS server 

3 for a name of a domain via a data network, wherein said Edge DNS server is 

4 configured as a master DNS server for said domain; 

5 receiving in a regional DNS server in said data network a DNS address 

6 resolution request via said data network from a client for said name of said 

7 domain; 
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8 responsive to one of said registrations, effecting a resolution of said 

9 DNS address resolution request in said regional DNS server, to define a net- 

10 work address; and 

11 communicating said network address from said regional DNS server to 

12 said client via said data network. 



1 91. The method according to claim 90, further comprising the steps of: 

2 testing unavailability of said Edge DNS server; and 

3 responsive to said step of testing, redirecting entries of said re- 

4 gional DNS server to one of a root DNS server and an origin server in said 

5 data network. 



